Google wankers forcefully added "Google Prompts" as a 2FA method, without consent, and disabled removing it. Of course people are going to hit "authorize". Oh and if you remove the Google app, you can thankfully use the YouTube app (like that's a good idea). A _video streaming_ app now has the keys to the kingdom. Man I feel secure.
Just use hardware keys. It's not difficult. My 70-year-old parents use them. I explained "This is like your front door key, but for your account. It's safe to put this in whenever the computer prompts you for it."
Yeah I would say generally hardware keys are actually EASIER for many older people to understand once you walk them through the process. The real problem, however, is that so many damn places (I am looking at you big banking!) either do not support the key, do not support the protocols that some keys use, or just easily allow you to fall back to another method.
If we can get to the point where a hardware key is universally accepted at all of the major places older people commonly use then I think it will be an easy sell. Showing someone how to open an authenticator app, scan a barcode, name it correctly, then later re-open the app to find the correct code (which is periodically expiring so they need to do this all relatively quickly) in ADDITION to their normal password ( I see so many of them either put the code in the password field or some other combo ) is actually quite a few steps. And once you get a ton of authenticator codes inside the app it can get confusing which is which unless you name them all carefully.
Telling someone "plug in this physical key" is a hell of a lot easier and so much more similar to what they are used to.
Yes, but I'm not sure this is limited to "older" people! It really helps to have a security model people can understand, operating like something they already know. You don't get phished at the front door either (if we're talking FIDO). The problem is the non-trivial expense. That leads to organizations like universities not using them and essentially insisting that everyone -- specifically students -- uses their own, possibly compromised smartphone, though you can get round that on your laptop, say. That's also the device they're likely to use to connect too... And it's still phishing, we've heard of it.
On Duo, if you have multiple hardware keys registered, then you need to pick the key to use for 2FA before you get the prompt. If you pick the wrong key, it will fail. It is very easy to end up in a configuration where every time you need to perform a Duo login, you have to click 3 times to pick the right key.
Or you can skip the keys and get a mobile prompt, instantly, the moment you visit the page.
Of course, this has nothing to do with the underlying limitations of hardware keys. But vendors routinely mess up implementing them. We could really use some rock-solid open source WebAuthn implementations.
From what I've seen of people who go along with using their own phone for this, you can get the mobile prompt many times without doing anything, even when you're not being attacked (as far as we could tell, but I don't know what the actual cause has been). Sigh.
Does it still prompt you to pick a key if all you have are Security Keys enrolled? I can see if you've got other options they might want to check first before doing the WebAuthn process.
Joke's on you, 1st world banks are well-known to have a huge lag in tech. Like still handing out dedicated TOTP devices or OTP scratch-cards. OTOH we have crypto exchanges running on the bleeding edge. Binance has (partial) FIDO2 support. I am not aware of any other.
I've also found this works fine. The new ones seem to have wireless built in now as well (good for phones). And you can have more than one key on the physical key (I don't like the Microsoft / Duo / eTrade VIP secure / etc. endless app list!)
Today's fun fact: On cheaper devices (anything cheaper than, say, Yubico's Security Key 2 product, and even often for common uses with products in that range too) there actually isn't ever "more than one key on the physical key". They have a single key baked inside them (typically an AES symmetric key). You can use them to authenticate as you on an unlimited number of sites because they're not actually remembering the private keys used to authenticate, so they don't need to store them anywhere!
Let's watch how that trick is done, starting with a much more expensive device that has plenty of storage, an iPhone.
When you enrol the iPhone as an authenticator, the standard requires it to provide a very large ID number for that enrolment, and it warns implementers these aren't serial numbers: if they're picking an ID, use random numbers. The iPhone signs a message with a proof of freshness (random numbers the Relying Party picked), a proof of who the message is for (a hash of the Relying Party's DNS name) and an elliptic curve public key it just picked at random, all signed with the corresponding private key. This is sent to the Relying Party (i.e. a web site) along with the ID number, and enrolment has succeeded. The iPhone just stores all that in Flash because hey, it has gigabytes of flash storage, so who cares. When you need to authenticate to some web site, the site gives back the ID number, the iPhone finds the right entry in Flash, retrieves the private key and produces a new signed message to authenticate.
However, the ID is so big for a good reason -- a whole elliptic curve private key can fit with space for an AEAD tag to spare. So instead of gigabytes of flash storage a $15 FIDO authenticator just uses AES to encrypt the random private key for this site (using the symmetric key baked inside it), and provides that encrypted message as the ID number for the enrolment. Then it can forget the private key! When a site wants you to authenticate later, the site gives back the ID number (always a big random-looking number anyway remember) and your authenticator decrypts the ID number to get back the private key for that site, signs the authentication message and immediately forgets the private key again.
It's genius. If you came up with this idea independently of reading about FIDO/WebAuthn, congratulations, you might have a future in cryptographic engineering.
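The key-wrapping trick described in the comment above, as an added example that is not from the thread or from any real authenticator's firmware: a stateless device with one baked-in AES key wraps each freshly generated P-256 private key with AES-GCM (AAD = hash of the RP ID) and hands the wrapped blob out as the credential ID, then recovers the key from that blob at sign time. AES-GCM, P-256 and the RP-hash AAD binding are assumptions chosen for the illustration; the device key bytes and challenge are constructed sample values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"math/big"
)

// Authenticator models the cheap device: its only persistent secret is one AES key (assumed 32 bytes).
type Authenticator struct{ wrapKey []byte }

func (a *Authenticator) aead() cipher.AEAD {
	block, _ := aes.NewCipher(a.wrapKey) // baked-in key, length fixed at manufacture
	g, _ := cipher.NewGCM(block)
	return g
}

// Enroll picks a fresh P-256 key for this RP, wraps the private scalar under the device key
// (AAD = SHA-256 of the RP ID) and returns the wrapped blob as the credential ID plus the public key.
func (a *Authenticator) Enroll(rpID string) ([]byte, *ecdsa.PublicKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, nil, err }
	g := a.aead()
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, nil, err }
	rpHash := sha256.Sum256([]byte(rpID))
	credID := g.Seal(nonce, nonce, priv.D.FillBytes(make([]byte, 32)), rpHash[:]) // nonce || ct || tag
	return credID, &priv.PublicKey, nil // the private key is dropped here; nothing is stored
}

// Authenticate unwraps the private key from the credential ID and signs the RP's challenge.
// A blob from another device, or one replayed against a different RP, fails the GCM tag check.
func (a *Authenticator) Authenticate(rpID string, credID, challenge []byte) ([]byte, error) {
	g := a.aead()
	if len(credID) < g.NonceSize() { return nil, errors.New("credential id too short") }
	rpHash := sha256.Sum256([]byte(rpID))
	d, err := g.Open(nil, credID[:g.NonceSize()], credID[g.NonceSize():], rpHash[:])
	if err != nil { return nil, errors.New("credential id not issued by this device for this RP") }
	priv := &ecdsa.PrivateKey{PublicKey: ecdsa.PublicKey{Curve: elliptic.P256()}, D: new(big.Int).SetBytes(d)}
	priv.X, priv.Y = elliptic.P256().ScalarBaseMult(d)
	digest := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// Verify is the RP side: it kept only (credID, public key) at enrolment.
func Verify(pub *ecdsa.PublicKey, challenge, sig []byte) bool {
	digest := sha256.Sum256(challenge)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}
```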